Bug#256963: apache2: DoS in apache httpd 2.0.49 issue (CAN-2004-0493)

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#256963: apache2: DoS in apache httpd 2.0.49 issue (CAN-2004-0493)
From: Hideki Yamane <henrich@samba.gr.jp>
Date: Wed, 30 Jun 2004 17:19:47 +0900
Message-id: <[🔎] 20040630081947.4F33F4488@mebius>
Reply-to: Hideki Yamane <henrich@samba.gr.jp>, 256963@bugs.debian.org

Package: apache2
Severity: normal
Tags: security

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Dear apache2 maintainer team,

 Probably you know, but FYI.
 (I cannot find discussion in debian-apache ML and new packages 
  in incoming, so I posted this in BTS. This post makes users to 
  track security issue more easier, I think).

 Georgi Guninski found security flaw about DoS attack in apache 2.0.49.
 (http://www.guninski.com/httpd1.html)

 and patch is here.
 http://www.apache.org/dist/httpd/patches/apply_to_2.0.49/CAN-2004-0493.patch
 Is there any plan to apply this patch?
 

 If I had overlooked your working about this issue, please let me know 
 what I should see.

- --
Regards,

 Hideki Yamane     henrich @ samba.gr.jp/iijmio-mail.jp


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFA4neiIu0hy8THJksRAh7mAJ9kkr5I4dFmmNaxL75UPXxvMVOWQQCfZmlT
CF+W3gAGJVL5SShaiZ5Ktho=
=dBpV
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: Bug#256109: libapr0: apr shared memory segments stick around forever if there's a crash
Next by Date: Bug#256982: Upgrade of Apache fails due to configuration syntax error.
Previous by thread: Bug#246071: marked as done ([INTL:tr] Turkish po-debconf translation)
Next by thread: Bug#256982: Upgrade of Apache fails due to configuration syntax error.
Index(es):
- Date
- Thread